Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OiUL8HcnNs4GcWs8MFxVI9BhZaI.roa
File: OiUL8HcnNs4GcWs8MFxVI9BhZaI.roa (raw, json)
Hash identifier: YLvVLLYwsZcKBm3yf6S9+twNPyGlpzeTwpuIgRZSMao=
Subject key identifier: 3A:25:0B:F0:77:27:36:CE:06:71:6B:3C:30:5C:55:23:D0:61:65:A2
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01831C2B4E5815844662959BB65306DD8E80
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OiUL8HcnNs4GcWs8MFxVI9BhZaI.roa
Signing time: Thu 08 Sep 2022 08:15:43 +0000
ROA not before: Thu 08 Sep 2022 08:15:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
86.38.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:2b:4e:58:15:84:46:62:95:9b:b6:53:06:dd:8e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Sep 8 08:15:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a250bf0772736ce06716b3c305c5523d06165a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7e:e8:43:ce:07:05:92:39:1b:35:a5:3c:bc:
6f:ff:b6:08:68:9d:55:e3:ba:53:2d:1e:92:83:50:
ce:1b:b0:0c:53:06:f6:76:d9:31:39:42:6c:76:a9:
36:fa:cd:de:23:3e:99:a3:92:53:2a:e9:d5:d9:1a:
3a:b5:5e:42:3a:16:90:dc:53:cd:af:50:28:16:2a:
fc:7e:9f:3c:47:32:6d:1e:73:30:38:72:b0:c5:c3:
af:32:71:21:e5:33:1a:84:15:9f:90:c0:d4:a7:d4:
b8:af:71:43:b7:53:0a:6d:6f:18:0a:ba:c4:a7:ab:
7c:b8:3f:2a:fc:3c:d6:b7:e6:b0:fb:3f:38:b1:b7:
16:1c:ed:8d:fe:5d:ac:b9:ca:2c:51:2c:21:b5:e1:
11:3d:c9:5d:70:9c:87:31:c0:55:73:4e:82:e8:b2:
0c:8c:f0:98:5c:d2:33:e4:0b:cc:e3:99:92:25:9c:
df:47:3e:3c:84:4a:a2:d1:cd:dd:30:40:c0:5f:15:
7a:a7:03:26:39:67:ea:3f:d5:9d:ca:00:b1:40:4e:
e9:52:0c:63:90:e6:43:2c:50:ca:b3:70:18:ef:1c:
b3:77:c9:23:c7:5b:65:6f:d3:19:ee:03:59:51:7f:
35:79:0d:b2:7d:6e:5d:52:39:87:80:c1:cc:06:eb:
60:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:25:0B:F0:77:27:36:CE:06:71:6B:3C:30:5C:55:23:D0:61:65:A2
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OiUL8HcnNs4GcWs8MFxVI9BhZaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.238.0/24
89.116.132.0/24
89.116.166.0/24
89.116.179.0/24
89.116.253.0/24
89.116.255.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:1f:a7:8c:ba:bc:17:79:b5:92:59:21:44:07:46:2e:70:78:
6d:df:9d:0c:c2:f7:81:ab:52:00:38:3e:9e:e2:11:4f:a4:45:
bd:4a:f5:c3:2f:3f:7e:26:8e:be:60:05:9c:de:d4:6e:80:13:
a8:e9:ab:0a:92:c3:53:34:7d:f4:09:eb:e4:a4:cb:e9:e3:c3:
c9:b2:4c:16:e8:ac:23:6c:0e:c7:19:22:6e:19:55:4d:01:df:
3d:af:b4:7f:e8:94:35:ff:87:15:6f:10:03:0f:c0:2e:ea:dd:
ca:d0:e8:8e:7b:fb:27:fc:57:02:ed:b6:0c:9c:0f:e4:65:b5:
34:fc:46:38:ee:93:3d:38:44:cf:44:bb:d1:0a:c1:77:5a:2b:
f0:af:3a:d6:86:54:93:93:9b:97:90:d2:34:7d:f6:e6:7a:ab:
10:a7:a3:b0:de:29:ff:75:1e:af:9a:df:9c:63:e7:f3:e0:06:
aa:1d:d9:b1:b5:5c:e8:46:82:cb:fe:51:94:61:eb:50:83:c6:
66:05:54:35:c4:5d:6c:e1:e2:3e:5a:76:0c:a2:3f:f1:06:06:
85:db:f1:31:c3:a6:06:51:0d:22:4b:52:fe:a0:54:2c:a8:80:
04:a8:28:b5:35:40:5f:e5:d1:f7:be:e6:65:85:e6:6d:56:b3:
d3:df:7c:c9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMcK05YFYRGYpWbtlMG3Y6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwOTA4MDgxNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI1MGJmMDc3MjczNmNlMDY3MTZiM2MzMDVjNTUyM2QwNjE2NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh37oQ84HBZI5GzWlPLxv/7YIaJ1V
47pTLR6Sg1DOG7AMUwb2dtkxOUJsdqk2+s3eIz6Zo5JTKunV2Ro6tV5COhaQ3FPN
r1AoFir8fp88RzJtHnMwOHKwxcOvMnEh5TMahBWfkMDUp9S4r3FDt1MKbW8YCrrE
p6t8uD8q/DzWt+aw+z84sbcWHO2N/l2sucosUSwhteERPcldcJyHMcBVc06C6LIM
jPCYXNIz5AvM45mSJZzfRz48hEqi0c3dMEDAXxV6pwMmOWfqP9WdygCxQE7pUgxj
kOZDLFDKs3AY7xyzd8kjx1tlb9MZ7gNZUX81eQ2yfW5dUjmHgMHMButgFwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDolC/B3JzbOBnFrPDBcVSPQYWWiMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvT2lVTDhIY25OczRHY1dzOE1GeFZJOUJoWmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVibuAwQA
WXSEAwQAWXSmAwQAWXSzAwQAWXT9AwQAWXT/AwQAWXXeMA0GCSqGSIb3DQEBCwUA
A4IBAQCdH6eMurwXebWSWSFEB0YucHht350MwveBq1IAOD6e4hFPpEW9SvXDLz9+
Jo6+YAWc3tRugBOo6asKksNTNH30CevkpMvp48PJskwW6KwjbA7HGSJuGVVNAd89
r7R/6JQ1/4cVbxADD8Au6t3K0OiOe/sn/FcC7bYMnA/kZbU0/EY47pM9OETPRLvR
CsF3WivwrzrWhlSTk5uXkNI0ffbmeqsQp6Ow3in/dR6vmt+cY+fz4AaqHdmxtVzo
RoLL/lGUYetQg8ZmBVQ1xF1s4eI+WnYMoj/xBgaF2/Exw6YGUQ0iS1L+oFQsqIAE
qCi1NUBf5dH3vuZlheZtVrPT33zJ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org